CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
98.9%
Added: 03/11/2013
CVE: CVE-2012-4914
BID: 57461
OSVDB: 89349
Cool PDF Reader is a small viewer/reader that can view, print, and convert PDF files to TXT, BMP, JPG, GIF, PNG, WMF, EMF, EPS.
Cool PDF Reader versions 3.0.2.256 and prior do not perform proper bounds checking on image stream objects. An attacker may be able to craft a malicious PDF document that exploits this vulnerability to trigger a stack overflow condition, which may lead to the ability to execute arbitrary code.
No update is available at this time.
[http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=70&Itemid=70 ](<http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=70&Itemid=70
>)
<http://www.pdf2exe.com/reader.html>
This exploit has been tested against CoolPDF Software Cool PDF Reader 3.0.2.256 on Windows XP SP3 English (DEP OptIn) and Windows 7 SP1 (DEP OptIn).
Windows